Beyond Privilege: The RISC‑V Isolation Toolbox from Microcontrollers to Confidential Computing
2026-06-09 , Plenary

This talk surveys the RISC‑V isolation toolbox—spanning PMP/ePMP, SPMP, privilege levels, virtualization, Risc-V Worlds, and emerging Supervisor Domains—and shows how these mechanisms can be combined to build scalable, composable security and safety systems beyond traditional privilege separation.

RISC‑V has steadily developed a rich and diverse set of isolation mechanisms, including ePMP for physical memory protection, privilege levels for execution control, page‑based virtual memory for scalable address isolation, hypervisor extensions for virtualization, and Worlds for hardware‑enforced compartmentalization. Each of these tools addresses different isolation challenges, from resource‑constrained microcontrollers to full server‑class systems.

Modern platforms increasingly demand fine‑grained, composable isolation rather than coarse, monolithic privilege separation. Mixed‑criticality systems, safety‑certified embedded platforms, and confidential computing environments all require isolation techniques that can be layered, combined, and adapted to different threat models and deployment constraints.

This talk presents a toolbox‑oriented view of RISC‑V isolation.

Supervisor Domains are introduced as an emerging architectural direction within this toolbox, exploring finer‑grained isolation within supervisor mode itself. While still evolving, Supervisor Domains illustrate the broader move beyond privilege levels toward more modular and composable execution domains and provide a useful lens for understanding how future RISC‑V systems may further decompose trusted software.

Andrew Dellow is a director in the technical standards group at Qualcomm and currently chair of the Security Horizontal Committee at RISC-V International. He is also a RISC-V Ambassador, and Chair of the SoC Infrastructure Horizontal Committee. With over 25 years' experience in system on chip architecture and security, starting with the original development of robust Set Top Box SoCs for Pay TV, he is a former Chief Security Architect at HiSilicon Technologies, Distinguished Engineer and Technical Director at Broadcom Corp., and Security Architect at STMicroelectronics. His passion is driving secure architectures and implementations, holding more than 30 patents around SoC security.